April 25th, 2024

Fraud, Security & Risk Management Summit: New York

Event Overview

The ISMG Fraud, Security & Risk Management Summit dedicates a full day to advancing cybersecurity education among leaders and delivering enlightening sessions that encompass a diverse range of essential subjects.
Among the highlights will be a comprehensive exploration of incident response strategies during the hands-on and engaging “solution room” exercise. This activity tests the abilities of CISOs and cybersecurity leaders as they devise response strategies for a worldwide cybersecurity incident.
Join us for an in-depth look at pressing topics such as the technical landscape of AI, budget management, the shifting culture in cybersecurity, and more. As cybersecurity leaders strive to maintain equilibrium in a rapidly evolving landscape, the summit offers guidance on finding balance in times of change, reinforcing the notion that a steady hand at the helm is vital in safeguarding digital landscapes.

Venue

etc Madison Ave

360 Madison Ave, New York, NY 10017

Highlight Topics

  • Data Science’s Role in Cyber Threat Forecasting
  • Proactive Security Posture
  • Adapting to Enhanced SEC Scrutiny
  • Third-Party Risk Management

        And much more!

Advisors

Thought Leaders Leading Deep-Dive Discussions on Stage

ISMG Summits bring the foremost thought leaders and educators in the security space on stage, at interactive workshops and networking events. Learn from the who’s who in the cybersecurity industry, passionate about the latest tools and technology to defend against threats.

Murli Nambiar

CISO, SBI

Atanu Roy

Group CIO, Biocon Group

Sachin Seth

CEO and MD, BSE Ebix Insurance Broking (BSE Ebix)

John Frushour

Vice President and Chief Information Security Officer, New York-Presbyterian Hospital

Claire Le Gal

SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Michael Gioia

CISO, Babson College

Karen Boyer

SVP Financial Crimes, M&T Bank

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

Brennan Lodge

Head of Analytic Engines Cybersecurity, HSBC

Jagathi Gade

Global Head of Risk Engineering, Square

David Anderson

Vice President of Cyber, Woodruff Sawyer

Andres Andreu

Deputy CISO, Hearst

Kevin Cooke

Senior Special Agent, United States Secret Service

Laura Deaner

CISO, Northwestern Mutual

Umesh Yerram

Global CISO, Cboe Global Markets

Chris Holden

CISO, Crum & Forster

Brennan Lodge

Professor, Information Technology & Data Analytics, New York University

La Monte Yarborough

CISO, Acting Deputy CIO, HHS

Walker Newell

Vice President, Securities Litigation and Enforcement, Woodruff Sawyer

David Sheidlower

Vice President, Chief Information Security & Privacy Officer, Turner Construction Company

Speakers

Thought Leaders Leading Deep-Dive Discussions on Stage

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in cybersecurity, passionate about the latest tools and technology to defend against threats.

Agenda

Registration & Breakfast

La Monte Yarborough

CISO, Acting Deputy CIO, HHS

Laura Deaner

CISO, Northwestern Mutual

Preston Miller

Director, Unit 42 by Palo Alto Networks

Threat Intelligence: Proactive Security Posture Against Evolving Adversaries

To effectively mitigate and respond to attacks, organizations must understand the latest capabilities and threats being deployed by their adversaries.

This session will equip CISOs with the latest analysis on the global threat landscape, the ways in which bad actors are leveraging emerging technologies to exploit traditional weaknesses, and bold strategies for combatting new and evolving threats.

Key takeaways will include:

  • Integrating new threat intelligence protectively into a robust risk management framework.
  • Analyzing the rise in zero-day attacks and the blind spots they exploit.
  • Understanding how AI/ML capabilities are being leveraged by adversaries for future attacks and how they can be leveraged to neutralize them.
  • Considering the role of behavioral analytics in enhancing threat detection capabilities.

La Monte Yarborough, CISO, Acting Deputy CIO, HHS

Laura Deaner, CISO, Northwestern Mutual

Preston Miller, Director, Unit 42 by Palo Alto Networks

Chris Wysopal

CTO & Co-Founder, Veracode

The Crossroads of AI and Application Security

As with any new technology, AI brings its own risks, including incorrect code suggestions and more intelligent malware attacks. Join this session to explore how to harness AI tools to work for you while ensuring your organization stays secure.

Chris Wysopal, CTO & Co-Founder, Veracode

Peter Tse

Information Security Officer, CTBC Bank

Boris Klyuchnikov

Special Agent, FBI

Payment Fraud: Navigating the Complexities of Modern Threats

This session provides a comprehensive exploration of the evolving landscape of payment fraud, shedding light on the latest threats, detection strategies, and proactive measures to safeguard financial transactions.
 
Join us as we delve into the cutting-edge of payment fraud prevention, examining rising threats such as account takeovers and synthetic identity fraud. Our expert panel will explore critical topics including authentication techniques, data security practices, and adherence to regulatory standards, while also addressing the growing risks associated with social engineering and the specific challenges faced in securing mobile payments.
 
Attendees will gain a comprehensive understanding of the latest trends, vulnerabilities and strategies essential for effectively combating payment fraud as well as:
 
  • The evolving face of payment fraud: Unpacking new trends and their industry impact
  • Uncovering weaknesses in digital payments: Lessons from real-world exploits
  • Harnessing AI for fraud prevention: The transformative role of machine learning
  • Mastering the maze of international fraud: Tackling cross-border payment challenges

Peter Tse, Information Security Officer, CTBC Bank

Boris Klyuchnikov, Special Agent, FBI

Shashank Golla

Product Marketing Manager, Wiz

Cloud Security Maturity and the Need for Proactive and Reactive Approaches

So, what is the right approach?

The answer is both. But which approach should be the focus today depends on the enterprise’s security maturity.

In this session, we will discuss:

  • What cloud security maturity is and the path to achieving it;
  • Creating an effective security backstop with cloud detection and response;
  • How reactive security should be an enabler for proactive security.

Shashank Golla, Product Marketing Manager, Wiz

Networking & Exhibition Break

Matanda Doss

Executive Director - Cybersecurity and Technology Controls, JP Morgan

Michael DeNicola

Supervisory Special Agent, Cyber Division, FBI

Karen Boyer

SVP Financial Crimes, M&T Bank

Claire Le Gal

SVP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

Stephen Johnson

VP of Solutions Engineering, Entro Security

Secure the Non-Human Identity Nightmare

R&D teams create and scatter secrets across vaults, code, collaboration solutions and more without any oversight or control by security teams. Secret-based breaches are among the top three attack vectors, and they are the most destructive.

What solution is needed to enable organizations to securely utilize non-human identities and secrets? How can you detect, safeguard, and provide context for secrets stored across vaults, source code, collaboration tools, cloud environments, and SaaS platforms?

Introducing Entro – the complete platform for non-human identity and secrets management. With Entro, security teams can efficiently oversee and protect non-human identities with automated lifecycle processes and seamless integration, ensuring comprehensive security and compliance through a unified interface.

Stephen Johnson, VP of Solutions Engineering, Entro Security

Paul Kurtz

Field CTO, Splunk

Walker Newell

Vice President, Securities Litigation and Enforcement, Woodruff Sawyer

David Anderson

Vice President of Cyber, Woodruff Sawyer

Sean Mack

Former CISO, Wiley; ISMG Contributor

Adapting to Enhanced SEC Scrutiny: Strategies for CISOs Post-SolarWinds

This year, the SEC significantly ratcheted up the pressure on public companies – and CISOs. In July, the SEC adopted new rules giving the government more avenues to second-guess good-faith cybersecurity disclosure decisions. Then, in November, the SEC sued SolarWinds and its CISO for fraud, marking the start of a new era in cybersecurity enforcement.
 
In this discussion, our esteemed panel will provide an inside perspective on SEC risk – and mitigation – for CISOs and other security professionals in the wake of the SolarWinds ruling, including:
  • How the SEC approached cybersecurity cases before the SolarWinds ruling and the new rules
  • How the SolarWinds ruling and the new rules are likely to influence future SEC enforcement activities
  • Lessons for CISOs from the SolarWinds ruling
  • How CISOs can navigate an enhanced role in the disclosure process
  • Key indemnification and insurance considerations

Paul Kurtz, Chief Cybersecurity Advisor & Field CTO, Splunk

Walker Newell, Vice President, Securities Litigation and Enforcement, Woodruff Sawyer

David Anderson, Vice President of Cyber, Woodruff Sawyer

Sean Mack, Former CISO, Wiley; ISMG Contributor

Robert O'Leary

CFCE, Senior Solutions Architect, Binalyze

Proactive Threat Hunting for Enterprise Organizations

Learn the latest methodologies, tools and best practices that SOC analysts and incident responders use to detect and neutralize emerging cyberthreats. Through real-world examples, you will learn how to leverage threat intelligence, conduct network and endpoint analysis, apply machine learning algorithms, and foster a collaborative security culture.

Robert O’Leary, CFCE, Senior Solutions Architect, Binalyze

Theresa Lanowitz

Head Evangelism and Research, AT&T Cybersecurity

Breaking Down Silos Toward a Secure Future

Based on new research, Theresa Lanowitz explains how these new relationships drive innovation focused on business requirements, increase resilience, and improve security.
 
She will share the business drivers for edge use cases and explain how organizations are shifting budgets to support and secure these initiatives.

Theresa Lanowitz, Head Evangelism and Research, AT&T Cybersecurity

Lunch & Exhibition Break

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

David Anderson

Vice President of Cyber, Woodruff Sawyer

Chris Holden

VP, CISO, Crum & Forster

Jason Pope

VP, Sales Engineering, Rubrik

Third-Party Risk Management: A Critical Component in the Cybersecurity Framework

CISOs must recognize that third-party risk management is not just an add-on to the cybersecurity agenda but a central piece of the overall strategy to safeguard their organizations in the digital landscape.

This discussion delves into:

  • The significance of implementing a solid vendor risk management framework and the potential consequences of oversight failures.
  • Tactical approaches for managing vendors that present a higher level of risk.
  • The utilization of metrics and external notifications to monitor and mitigate third-party risks effectively.

Fred Harris, Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

David Anderson, Vice President of Cyber, Woodruff Sawyer

Chris Holden, VP, CISO, Crum & Forster

Jason Pope, VP, Sales Engineering, Rubrik

Christopher Hills

Chief Security Strategist, BeyondTrust

Identity Defense in Finance: Confronting the Emerging Threat Landscape

The discussion will touch upon key issues such as third-party vendor access, privilege elevation, vulnerability awareness, and how an identity-first security approach leads to zero trust and lower cyber insurance premiums.

Attendees will learn about market trends, emerging threats and risk mitigation strategies related to identity privilege. Join us for valuable insight into the future of identity security.

Christopher Hills, Chief Security Strategist, BeyondTrust

 

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

David Anderson

Vice President of Cyber, Woodruff Sawyer

Chris Holden

CISO, Crum & Forster

Kevin Cooke

Senior Special Agent, United States Secret Service

Deepfakes, Real Stakes: Unmasking Cyber Deception in a High-Stakes Interactive Tabletop Simulation

This interactive session is meticulously crafted to mimic a sophisticated cyberattack. It aims to bolster strategic response capabilities and enhance operational readiness against the backdrop of advanced cyberthreats. The focal point of this exercise is a strategically crafted deepfake incident targeting a corporate executive, weaving together elements of social engineering, financial fraud, and the challenges posed by emerging technological threats.

What you will gain from this experience:

  • Enhanced Organizational Readiness: To critically assess and improve organizational preparedness in response to intricate cyber incidents involving deepfake technology and social engineering.
  • Interagency Collaboration and Knowledge Exchange: To strengthen the partnership and information sharing between the Secret Service and leaders in the private sector cybersecurity community.
  • Strategic Response Development: To create all-encompassing incident response strategies that cover legal, technical and communicational facets, while also identifying and rectifying weaknesses in existing cybersecurity policies and governance.

Kevin Cooke, Senior Special Agent, United States Secret Service

Boris Klyuchnikov, Special Agent, FBI

Chris Holden, CISO, Crum & Forster

Fred Harris, Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

Peter Tse, Information Security Officer, CTBC Bank 

David Anderson, Vice President of Cyber, Woodruff Sawyer

Walker Newell, Vice President, Securities Litigation and Enforcement, Woodruff Sawyer

Sean Mack, Former CISO, Wiley; ISMG Contributor

Networking & Exhibition Break

Fred Harris

Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

David Sheidlower

Vice President, Chief Information Security & Privacy Officer, Turner Construction Company

Jagathi Gade

Global Head of Risk Engineering, Square

Enhancing Collaborative Risk Management: Unifying the Approach to Fraud, Cyber and Tech Risks

The panel will focus on the importance of establishing a common language across different risk domains and explore how fostering interdisciplinary communication and understanding is crucial for timely and effective response to threats, aligning different departments under a unified risk management objective.
In this discussion, our esteemed panel will:

  • Examine the collaborative frameworks that enable CISOs and IT teams to seamlessly integrate security measures with everyday IT operations.
  • Highlight success stories that showcase the benefits of these partnerships, emphasizing efficient risk mitigation and the development of a robust cybersecurity culture.
  • Offer insights on how to establish a shared language for risk communication, the formation of interdisciplinary teams, and the importance of vigilant monitoring and rapid response systems.
  • Discuss the critical role of CISOs in championing security investments and the necessity of executive support to foster an organizational environment that prioritizes cybersecurity awareness.

Fred Harris, Global Head of Risk & Compliance for Enterprise Technology & Operations, Citi

David Sheidlower, Vice President, Chief Information Security & Privacy Officer, Turner Construction Company

Jagathi Gade, Global Head of Risk Engineering, Square

Brennan Lodge

Professor, Information Technology & Data Analytics, New York University

Umesh Yerram

Global CISO, Cboe Global Markets

Andres Andreu

Deputy CISO, Hearst

Intelligence Amplified: Data Science's Role in Cyberthreat Forecasting

Data science's role in analyzing past incidents and identifying future vulnerabilities is essential across organizational silos and industries.
 
In this exclusive session, our panel will take a deep dive into the dual significance of leveraging data science to not only fortify security posture but also to proactively enhance organizational readiness. Key areas of discussion will include:
 
  • Predictive Analytics for Security Posture: Unveiling effective methods to harness predictive analytics and thoroughly assess existing security posture.
  • Data Science in Threat Intelligence: Delving into how data science can process vast amounts of cyberthreat intelligence to predict and prevent attacks.
  • Machine Learning Algorithms for Pattern Recognition: An in-depth examination of how machine learning algorithms can assimilate knowledge from past security incidents to identify patterns and prevent future breaches.
  • Collaborative Data Initiatives: An exploration of the significance of data sharing across organizational boundaries, emphasizing the collective strength derived from collaborative defense efforts.
  • Role of Education in Cybersecurity: Shining a light on the indispensable role of education in building, upskilling and retaining adaptive, vigilant teams.

Brennan Lodge, Professor, Information Technology & Data Analytics, New York University

Umesh Yerram, Global CISO, Cboe Global Markets

Andres Andreu, Deputy CISO, Hearst

Closing Comments

Don’t miss your chance to attend this dynamic, impactful event.

The Summit Experience

CPE Credits

Our summits offer Continuing Education Credits. Learn from informative and engaging content created specifically for security professionals.

Register

RSVP here to attend our events. You can select multiple or individual tickets.

NOTE:  All requests to attend will be reviewed by event staff and approved based on professional qualifications and event capacity.

Upcoming ISMG Events

April 10, 2024

Strategies and Mandates for Phishing-Resistant MFA in Financial Services and Healthcare

April 24, 2024

Securing OT/IoT in the Age of Automation and Cloud Integration

May 15, 2024

Prevent, Contain, Minimise the Impact of Cyberattacks to Ensure your Organization's Resilience

April 16, 2024

Cybersecurity Implications of AI Summit: North America West Summit

June 6 - 7, 2024

Southeast Asia Summit: Cybersecurity & CIO.inc Business Transformation Conferences
